```rust
info!("download task started: {:?}", download);

"proxy HTTP request via dfdaemon by rule config: {:?}",
```
The code shown above prints all the request headers, which may lead to a potential credential leak if the headers include a bearer token or basic auth. Even if there is a TTL for the token, it is still not good practice to print those values at the info level.
Currently I didn't see a way to censor the sensitive information, as it is hard-coded.
client/dragonfly-client/src/grpc/dfdaemon_download.rs
Line 299 in c679cec
client/dragonfly-client/src/proxy/mod.rs
Line 391 in c679cec
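One way to keep credentials out of such log lines is to log a redacted copy of the headers instead of the raw value. The sketch below is an added example, not code from the Dragonfly client: the `BTreeMap<String, String>` header type, the `redact_headers` and `redact_auth` names, and the list of sensitive header names are assumptions made for illustration.

```rust
use std::collections::BTreeMap;

// Headers whose whole value is a secret (assumed list for this example).
const FULLY_REDACTED: &[&str] = &["cookie", "set-cookie", "x-api-key"];

/// Returns a copy of `headers` that is safe to pass to a log macro.
/// Header names are matched case-insensitively, as HTTP requires.
pub fn redact_headers(headers: &BTreeMap<String, String>) -> BTreeMap<String, String> {
    headers
        .iter()
        .map(|(name, value)| {
            let lower = name.to_ascii_lowercase();
            let safe = match lower.as_str() {
                "authorization" | "proxy-authorization" => redact_auth(value),
                n if FULLY_REDACTED.iter().any(|h| *h == n) => "[REDACTED]".to_string(),
                _ => value.clone(),
            };
            (name.clone(), safe)
        })
        .collect()
}

/// Keeps the auth scheme ("Bearer", "Basic") for debugging and drops the credential.
/// A value with no scheme prefix is redacted entirely.
pub fn redact_auth(value: &str) -> String {
    match value.trim().split_once(' ') {
        Some((scheme, cred)) if !cred.trim().is_empty() => format!("{} [REDACTED]", scheme),
        _ => "[REDACTED]".to_string(),
    }
}

fn main() {
    // Constructed sample headers, not taken from a real request.
    let mut headers = BTreeMap::new();
    headers.insert("Authorization".to_string(), "Bearer constructed-token".to_string());
    headers.insert("Range".to_string(), "bytes=0-1023".to_string());
    // The log line now carries the scheme and the harmless headers only.
    println!("download task started: {:?}", redact_headers(&headers));
}
```

The same effect can be had by implementing `Debug` by hand on a wrapper type, so that `{:?}` can never print the raw header values by accident.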